#VU100252 Out-of-bounds read in lldpd - CVE-2023-41910

Cybersecurity Help s.r.o.

Published: 2024-11-12

Vulnerability identifier: #VU100252

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-41910

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
lldpd
Other software / Other software solutions

Vendor: vincentbernat (Vincent Bernat)

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition within the cdp_decode() function in daemon/protocols/cdp.c. A remote attacker can send a specially crafted CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, trigger an out-of-bounds read and execute arbitrary code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

lldpd: 1.0.0 - 1.0.16

External links
https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b
https://github.com/lldpd/lldpd/releases/tag/1.0.17

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Anolis OS update for lldpd

Red Hat Enterprise Linux 9 update for lldpd

Remote code execution in lldpd